Re: NFS Probleme

From: Jens Rehsack <rehsack(at)liwing.de>
Date: Tue, 08 Apr 2003 05:31:08 +0200

On 4/8/2003 4:35 AM, Peter Ross wrote:
> Hallo Jens,
>
> On Tue, 8 Apr 2003, Jens Rehsack wrote:
>
>> Apr 7 15:35:26 fozzie /kernel: NFS request from unprivileged port
>> (10.62.10.100:32775)
>
> Die Antwort sagt's doch schon, der AIX-NFS-Client nutzt keinen
> priviligierten Port, der NFS-Server unter FreeBSD mag das nicht.
>
> Ich fand nichts am FreeBSD-nfsd, um daran zu "drehen".
>
> Du musst mal mount_nfs(8) von AIX befragen, ob Du da was aendern kannst.
> Ich vermute schon.

Hm, das heisst da ein bisschen anders :-)

mit /usr/sbin/mknfsmnt legt man einen nfs mount an, der dann mittel
mount gemounted wird.

> Die mount_nfs-Manpage von FreeBSD sagt
>
> -P Use a reserved socket port number. This flag is obsolete, and
> only retained for compatibility reasons. Reserved port numbers
> are used by default now. This is useful for mounting servers
> that require clients to use a reserved port number on the mis-
> taken belief that this makes NFS more secure. (For the rare case
> where the client has a trusted root account but untrustworthy
> users and the network cables are in secure areas this does help,
> but for normal desktop clients this does not apply.)
>
> Guck doch mal, ob es die Option unter AIX gibt.

Nö :-)

Aber mountd(8) unter FreeBSD sagte gerade:
-n Allow non-root mount requests to be served. This should only be
        specified if there are clients such as PC's, that require it.
        It will automatically clear the vfs.nfs.nfs_privport sysctl
        flag, which controls if the kernel will accept NFS requests from
        reserved ports only.

Ich denke, das wird es dann wohl tun.

Vielen Dank erstmal, ich geb' Laut wenn ich das getested habe.

> Gruss
> Peter

So long,
Jens

To Unsubscribe: send mail to majordomo(at)de.FreeBSD.org
with "unsubscribe de-bsd-questions" in the body of the message
Received on Tue 08 Apr 2003 - 05:31:20 CEST

search this site